Security Bytes:

August, 2010

Materials outlining Microsoft’s Security Development Lifecycle will be transferred to a Creative Commons license. SDL tools and templates remain under an exclusive Microsoft license.
Microsoft’s Security Development Lifecycle is officially going open source. The software...

Millions of websites were compromised by an embedded widget that enabled attackers to set up drive-by attacks against users.
Millions of websites hosted by Network Solutions had been serving up malware after hackers compromised a blog run by the hosting provider and infected a...

Adobe repaired six memory corruption vulnerabilities in Flash Player that could enable an attacker to execute code remotely on a victim’s computer.
Adobe Systems Inc. plugged six vulnerabilities in Flash Player and issued updates to its ColdFusion and Adobe Flash Media...

New flaw is a moderate risk and targets the Windows Kernel.
Security researchers reported a new Windows vulnerability that could allow attackers to gain elevated privileges on vulnerable machines.
Security research firm VUPEN Security said it confirmed the vulnerability on...

Jailbroken phones are more prone to security threats, researchers say.
The emergence of an exploit used by a website for iPhone "jailbreaking" prompted security researchers to issue warnings about smartphone security.
The website, Jailbreakme.com, allows iPhone and iPad...